Re: [fw-wiz] Re: Setting up H323 IP telephony etc - was Re: [fw-wiz] Apple's iSight and Firewalls

From: Barney Wolff (barney_at_databus.com)
Date: 08/27/03

  • Next message: Marcus J. Ranum: "Re: [fw-wiz] Re: Setting up H323 IP telephony etc - was Re: [fw-wiz] Apple's iSight and Firewalls"
    To: "Marcus J. Ranum" <mjr@ranum.com>
    Date: Tue, 26 Aug 2003 20:58:46 -0400
    
    

    On Tue, Aug 26, 2003 at 05:07:46PM -0400, Marcus J. Ranum wrote:
    >
    > Sorry - I'm feeling extremely curmudgeonly today. In my inbox I had
    > *5* reports of mission-critical networks that were taken down by
    > various worms in the last week. Why's that? On the surface, the
    > answer is "RPC bug" but the REAL answer is "people should not
    > be connecting mission-critical networks to the Internet - even with
    > firewalls." A small handful of us have been singing this song quietly
    > in the corner for about 12 years, now. Is anyone going to ever "get it"??

    Alas, for the latest round merely being not Internet connected would
    not have been good enough. An infected immigrant laptop is enough to take
    down any isolated net.

    For a sufficiently rich and motivated org, I'd advocate changing the
    Ethertype of IP from 800, just to make it harder to connect conventional
    equipment by accident. Does even NSA do anything like that?

    -- 
    Barney Wolff         http://www.databus.com/bwresume.pdf
    I'm available by contract or FT, in the NYC metro area or via the 'Net.
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Marcus J. Ranum: "Re: [fw-wiz] Re: Setting up H323 IP telephony etc - was Re: [fw-wiz] Apple's iSight and Firewalls"